Bug 54443
| Summary: | pam-0.75-14 - problem with > 8 char passwords | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Michael Redinger <michael.redinger> |
| Component: | pam | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED ERRATA | QA Contact: | Aaron Brown <abrown> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.2 | CC: | mattdm, menthos, pekkas |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2001-10-10 19:59:07 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Michael Redinger
2001-10-08 15:13:37 UTC
Important because it breaks compatiblity with other Unixes and other Linuxes -- including older Red Hat releases. RHL needs to play nicely with others! *** Bug 54489 has been marked as a duplicate of this bug. *** That this affects passwords hashed with a non-MD5 (DES-style) crypt, so this tends to affect environments using NIS more heavily than standalone machines or systems using Kerberos or LDAP for authentication. (MD5 hashing is strongly recommended whenever compatibility with systems which don't support is not an issue.) This will be fixed in 0.75-15, which will show up in Raw Hide before release as a bug-fix errata. We use DES passwords mostly (DOH!) even though NIS isn't used. Why? Because we also have other UNIX systems, to/from which we want to be able move users fluently (e.g. copy the password in /etc/master). Some of those don't even support MD5 unfortunately. So, I expect DES may still be used in more heterogenous environments. The errata package for this (0.75-16) is going out now. Thanks! *** Bug 55011 has been marked as a duplicate of this bug. *** The summary is not accurate. The buggy behaviour occurs with passwords of exactly 8 chars length, not just > 8 chars. E.g. "z2,K2=2aS" as a password reliably reproduces the failure to authenticate bug (omit the quotes). The summary should say: pam-0.75-14 - problem with >= 8 char passwords Ignore the last comment - I counted 8 and not 9 in the example password. This seems related: After upgrading to RH7.2 and pam-0.75-19 I am able to log into my NIS(on solaris) connected workstation just fine. But after locking my screen with xlock,vlock or xscreensaver, I am not able to unlock it again. *** Bug 64234 has been marked as a duplicate of this bug. *** Ok. GREAT. It works! A little comment: In this page there no way to go back to the page where the problem is explained. link: http://rhn.redhat.com/errata/RHBA-2001-127.html Leo. |